[Bug 27393] Special:UserLogout should prompt if not originating from logout link

bugzilla-daemon Fri, 29 Aug 2014 17:59:58 -0700

https://bugzilla.wikimedia.org/show_bug.cgi?id=27393


Krinkle <krinklem...@gmail.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |krinklem...@gmail.com

--- Comment #4 from Krinkle <krinklem...@gmail.com> ---
Like other user actions we expose via index.php for the user interface, this
action should use a (salted) token.

The link displayed in the UI can have the token inserted in the hyperlink.

When accessing the Special page directly without or with an invalid token, the
user gets the form (with a, now valid, token as hidden field) and may submit
this by pressing a button.

Similar to rollback, watch, purge, and markpatrolled actions.

-- 
You are receiving this mail because:
You are the assignee for the bug.
You are on the CC list for the bug.
_______________________________________________
Wikibugs-l mailing list
Wikibugs-l@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/wikibugs-l

[Bug 27393] Special:UserLogout should prompt if not originating from logout link

Reply via email to